Teaching Scheme

April 12, 2018 | Author: Anonymous | Category: Engineering & Technology, Computer Science, Networking

Computer Security Topic 1

Name: Introduction to Computer Security and Security Trends

Knowledge Category

Example/s of category

Teaching methodology

FACT

Security

Use appropriate example of security (security guards in college gate)

CONCEPT

Assets

Show any peripheral devices of Computer or Network( Hard disk)

Viruses

Corrupted Files in pen drive

Terrorists

News, Videos of terrorist attack like 26/11 attack

Malware

Use any appropriate example: malicious code transfer through mobile while sharing the data (Bluetooth) among people

Confidentiality, Integrity, Availability, Accountability

Use any appropriate example – email

Risk

PRINCIPLE

PROCEDURE

Application

and

Use any appropriate example – person having large amount of cash in travelling

Security Attacks CIA Model

Use example of Hacker trying to attack on any email account

Use any appropriate PPT

Risk Analysis

Use any appropriate PPT or Video

Steps in Attack Online application

Learning Resources: Books:

PPT

Online Shopping and Online Banking

Lecture No.

1

Topic/ Subtopic to be covered



Why focus on Security? – “Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 1, Page No 1

E.g. the security of precious items against theft, such as gold, money, or a student's mark sheet.

Definition of Computer Security “Computer Security” by Dieter Gollman Chapter 2, Page No 18



Why security is important (Need of security) “Cryptography and Network Security” by Atul Kahate Chapter 1, Page no 1

E.g. confidential defense information saved on a government department's computer

Basics of computer security – C, I, A Model
Confidentiality - “Computer Security” by Dieter Gollman Chapter 2, Page No 20
Integrity - “Computer Security” by Dieter Gollman Chapter 2, Page No 21
Availability - “Computer Security” by Dieter Gollman Chapter 2, Page No 22
Accountability - “Computer Security” by Dieter Gollman Chapter 2, Page No 23
Non-repudiation - “Computer Security” by Dieter Gollman Chapter 2, Page No 23
* Draw pyramid model of CIA

Web Site - http://it.med.miami.edu/x904.xml

*Note- Conclude the lecture with Block keywords & definitions and suitable diagram

2

Examples of Application where security is important
E.g. Bank where locker facility is provided

Challenges in security – which are different barriers in security
E.g. person tries different ways to crack the password of Computer

Models of security

3

Define Risk
“Computer Security” by Dieter Gollman Chapter 1, Page No 13

4

What are Assets, Vulnerabilities and Threats
“Computer Security” by Dieter Gollman Chapter 1, Page No 10, 11 (Hard disk is an asset)

Formula for calculation of Risk
“Computer Security” by Dieter Gollman Chapter 1, Page No 10
PPTs - www.cs.uiuc.edu/class/sp07/cs498ia/slides/CS46106.RiskAnalysis.ppt

What is Quantitative & Qualitative Risk Analysis
“Computer Security” by Dieter Gollman Chapter 1, Page No 13

Counter measures to mitigate the risk
“Computer Security” by Dieter Gollman Chapter 1, Page No 14
Web Site – http://www.digitalthreat.net/2009/06/threat-vs-vulnerability-vs-risk/

5 

What is Threat - Definition
What are the different categories of Threats
Definition of Virus and Worms – Differentiate between them
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Chapter 1 Page no 7
“Cryptography and Network Security” by Atul Kahate Chapter 1 Page no 16, 18

Different types of Viruses – Life Cycle of Viruses (Draw Diagram)
“Cryptography and Network Security” by Atul Kahate Chapter 1 Page no 16 to 18

Define Intruders & Insiders – Differentiate between them (Give real life example or any movie example)
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Chapter 1 Page no 7, 8

Web Sites –
http://www.f-secure.com/en/web/labs_global/threat-types
http://support.kaspersky.com/viruses/general/614
http://peterhgregory.wordpress.com/2009/03/14/security-basics-definitionsof-threat-attack-and-vulnerability/

6

Who is Criminal Organization – what is their purpose (any movie example)
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Chapter 1 Page no 9



Who are Terrorists – what is their aim/goals (any movie example)
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Chapter 1 Page no 9

Information Warfare
Why there is need of Information Warfare
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Chapter 1 Page no 9

Avenues of Attacks (Example of any Criminal Activity)
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Chapter 1 Page no 11

Steps in Attack – How attack can happen in any organization like Bank robbery
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Chapter 1 Page no 12

7

What is Attack – Definition of attack

Active and Passive Attack – Differentiate between them, Classification of passive and active attacks
“Cryptography and Network Security” by Atul Kahate Chapter 1 Page no 12 to 15

Denial of Service Attack (DOS & DDOS)
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Chapter 15 Page no 400

Web Site - http://www.slideshare.net/chintanjpatel/unit-1-33882940



8

Backdoor, Trapdoors
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Chapter 15 Page no 403

Sniffing
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Chapter 15 Page no 404

Spoofing
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Chapter 15 Page no 405, 406

Encryption Attack
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Chapter 15 Page no 410

9

Web Site –  https://www.parkbank.com/about/security/computer-security  http://vickyvikramaditya1.blogspot.in/2011/08/sniffing-and-spoofing.html PPT –  https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web &cd=4&cad=rja&uact=8&sqi=2&ved=0CD8QFjAD&url=http%3A%2F%2 Fwww.pcs.cnu.edu%2F~dgame%2Fcs446Gen%2Ftopics%2FSniffing%2FS niffing.PPT&ei=5WKhU7a2E4OiugTag4CACQ&usg=AFQjCNE2f2hwh4v f1vWecSJh8I8D47Wy0g&bvm=bv.69137298,d.c2E  Man-in-middle attack “Principles of Computer Security:Comp TIA Security+ and Beyond” by Wm. Arthur Conklin Chapter 15 Page no 408

 

Replay Attack
TCP/IP Hacking
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Chapter 15 Page no 409

Web Site –
http://careerride.com/Networking-replay-attacks.aspx

PPT –

10

https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=14&cad=rja&uact=8&ved=0CF0QFjAN&url=http%3A%2F%2Fcsc.columbusstate.edu%2Fsummers%2Fnotes%2Fcs557%2F3mf%2FReplayAttacks.ppt&ei=S2OhU9T8GdGdugTCyoLQBw&usg=AFQjCNG0tQwkXUxg0-6LnH-_ZzDNqSHlzw&bvm=bv.69137298,d.c2E

Definition of Malware
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Chapter 15 Page no 415

 

Various categories of Malwares
What is Virus and Logic Bombs
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Chapter 15 Page no 418

Web site –
http://www.malwaretruth.com/the-list-of-malware-types/
http://www.kaspersky.co.in/internet-security-center/threats/malwareclassifications

Topic 2

Name: Authentication and Operational Security Objectives

Knowledge Category

Example/s of category

Teaching methodology

FACT

People

Use appropriate example of people- Internet Users

Password

Show appropriate example - create password to authenticate user for PC or laptop, or password for enrollment of admission

Use appropriate example - (Iris) retina scan in Aadhaar Card office

Example - Login screen

Biometrics

CONCEPT

Managing Password

Example-Cash withdrawal at ATM

Role of People

Example - Changing PIN of ATM User

Use appropriate PPTs

PRINCIPLE

Choosing a password

APPLICATION

Individual Responsibilities Thumb Reader

Use Appropriate example of Biometric like Attendance System using Thumb

Learning Resources:
Books:
Title:
1) “Cryptography and Network Security” by Atul Kahate, Publisher – Tata McGraw Hill
2) “Computer Security” by Dieter Gollman, Publisher – Wiley India
3) “Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Publisher – Tata McGraw Hill
Teaching Aids: Black Board, PPTs, Transparencies, Reference Book, Notes.
PPTs: Preferably prepare PPTs containing
https://depts.washington.edu/...security/your_role_information_secur.ppt
http://www.slideshare.net/vidita123/biometrics-final-ppt

Lecture No.

1

Topic/ Subtopic to be covered

  

Introduction to operational Security
Understand meaning - role of people
What is password?
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 3 “Operational and Organizational Security”

*Note- Conclude the lecture with Block keywords & definitions and suitable diagram

Introduction to terms - identification, Authentication & operational Security
To understand role of people in security
“Cryptography & Network Security” by Atul Kahate, Chapter 7, Pg. Nos. 271-73

2

3

4



User Name & Password
“Computer Security” by Dieter Gollman, Chapter 3, Pg. No. 36

How to choose & manage password?
“Computer Security” by Dieter Gollman, Chapter 3, Pg. Nos. 37, 38, 39

To understand what are threats while creating passwords.

Introduction to terms - identification, Authentication
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 11, Pg. No. 262

Describe different areas where security comes into picture.
“Cryptography & Network Security” by Atul Kahate, Chapter 1, Page No. 1 to 3

 

5

Discuss role of people in security
Password Selection
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. No. 72

Piggybacking
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. No. 73

Shoulder Surfing
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. No. 70

Dumpster Diving
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. No. 74

6



Installing Unauthorized Software/Hardware
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. Nos. 74, 75

Access By Non-employee
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. No. 75

Security Awareness
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. No. 76

Individual User Responsibilities
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. No. 77

Examples of role of people using suitable techniques.
http://www.slideshare.net/Clarice_Wilson/atm-frauds-and-solutions

7



Define Access Control
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 11, Pg. No. 268

Discuss their principles & policies
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 11, Pg. No. 269

Types of Access controls
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 11, Pg. Nos. 269, 270

8

9

  

Introduction to Biometrics

Types of Biometrics

10

      

Types of Biometrics & example
Finger prints
Hand print
Retina Patterns
Voice Patterns
Signature & Writing Patterns
Keystrokes
“Computer Security Principles & Practices” by William Stallings, Lawrie Brown, Chapter 3, Pg. Nos. 92 to 97

PPT: http://www.slideshare.net/vidita123/biometrics-final-ppt

Topic 3

Name: Cryptography

Knowledge Category

Example/s of category

Teaching methodology

FACT

Plaintext

Use example of Plaintext – Human language (message: “welcome to third year diploma”)

Show that any message is codified by using a KEY

Key

Cipher Text

CONCEPT

Cryptography, Cryptanalysis, Cryptology

Encryption

Decryption

Private Key

Alphabet A Codified by key “3” to Alphabet “C”

Show example of codified message like “ABC” is coded to “CDE”

Use appropriate example to show the converting of plaintext to cipher text and vice-versa.

Show example of encoding plaintext to Cipher text: E.g. “Computer” to “retupmoc”

Show example of decoding Cipher text to Plaintext: E.g. “retupmoc” to “Computer”

Show example of key which need to be kept secret: E.g. door key of own house or password of

Lecture No.

1

Topic/ Subtopic to be covered



Introduction to Cryptography
“Computer Security” by Dieter Gollman Chapter 11, Page No 186
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 5, Page No 83

Definition of Cryptography, Cryptanalysis and Cryptology
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 38-39

Identify and describe the types of cryptography
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 5, Page No 84

What is Plain text and Cipher Text?
Plain text and cipher Text - “Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 40-41

Website –
http://en.wikipedia.org/wiki/Cryptography
http://www.apprendre-en-ligne.net/crypto/bibliotheque/PDF/Kwang.pdf
http://cs.stanford.edu/people/eroberts/cs181/projects/dvd-css/cryptography.htm

PPT –
http://www.sce.uhcl.edu/yang/teaching/csci5931netSecuritySpr05/nsech02a.ppt



2

What is Substitution Technique?
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 41

State different types of substitution technique
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 42

Define Caesar cipher. Explain with example.
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 41-43

Working principle of mono alphabetic substitution technique
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 44-46

How Poly alphabetic technique is different from mono alphabetic
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 47

Drawback of Substitution technique
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 48-54

Website – http://www.cimt.plymouth.ac.uk/resources/codes/codes_u1_text.pdf

PPTs – sce.uhcl.edu/yang/public/Modules/.../Substitution%20Ciphers.ppt

3

What is Transposition Technique?
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 54

Working principle of rail fence technique with example
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 54-55

Working principle of Simple Columnar with example
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 54-58

What is Steganography? State its advantages and disadvantages
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 73-74
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 5 Cryptography, page 101-103

Website – http://www.cs.man.ac.uk/~banach/COMP61411.Info/CourseSlides/Wk1.2.Classical.pdf

PPTs – www.eecis.udel.edu/~mills/teaching/eleg867b/crypto_slides/ch02.ppt

4



Define Encryption? Show a block diagram of encryption
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 59

Define Decryption? Show a block diagram of Decryption
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 59-62

State the sketch of Symmetric key cryptography and problem of Key Distribution
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 62-71

Website: http://www4.ncsu.edu/~kksivara/sfwr4c03/lectures/lecture9.pdf

PPTs - cs.ecust.edu.cn/~yhq/course_files/security/topic2.ppt

5



Name the algorithm used for Symmetric key cryptography
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 100
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 5 Cryptography, page 91-94

Conceptual working of DES along with diagram
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 101
“Computer Security” by Dieter Gollman, Chapter 11, Page No 199-202

Processing steps in DES
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 102-103

Website: http://cs.ucsb.edu/~koc/cs178/docx/w04x-des.pdf

PPTs - islab.csie.ncku.edu.tw/course/slide/ch_06.ppt

6



Details of each step in DES Algorithm along with block diagram

a) What is happening in the Initial permutation (IP)
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 102-103

b) Details of one Round in DES
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 103

i. Step 1 - Key transformation
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 104

ii. Step 2 - Expansion permutation
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 104-105

iii. Step 3 - S-Box Substitution
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 105-108

iv. Step 4 - P-Box substitution
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 108-109

v. Step 5 - XOR and swap
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 109-110

c) Variation of DES
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 111

Website –
http://cs.ucsb.edu/~koc/cs178/docx/w04x-des.pdf
https://www.google.co.in/search?q=des%20algorithm&tbm=isch&ei=LGWmU8m1MtaD8gWpnYKwAQ#facrc=_&imgdii=_&imgrc=GRgKBo8qM0iufM%253A%3BXIxHOqkYyDZ7mM%3Bhttp%253A%252F%252Fi1.ytimg.com%252Fvi%252FiayDUAGu9Ec%252Fhqdefault.jpg%3Bhttp%253A%252F%252Fwww.youtube.com%252Fwatch%253Fv%253DiayDUAGu9Ec%3B480%3B360

PPTs - islab.csie.ncku.edu.tw/course/slide/ch_06.ppt

7

What is Asymmetric key cryptography?
“Cryptography and Network Security” by Atul Kahate, Chapter 4, Page No 154-156

Compare Symmetric key cryptography and Asymmetric key cryptography
“Cryptography and Network Security” by Atul Kahate, Chapter 4, Page No 161

Introduction to Digital Signature
“Cryptography and Network Security” by Atul Kahate, Chapter 4, Page No 165-166
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 5 Cryptography, page 106-107, 126, 130
“Computer Security” by Dieter Gollman, Chapter 11, Page No 194-195

Website –
http://www.icg.isy.liu.se/courses/tsit03/forelasningar/cryptolecture08.pdf
http://technet.microsoft.com/en-us/library/cc962021.aspx

PPTs - http://www.slideshare.net/rohitbhatta/introduction-to-digital-signatures

8

Basis of Digital signature
“Cryptography and Network Security” by Atul Kahate, Chapter 4, Page No 166-167
“Computer Security” by Dieter Gollman, Chapter 11, Page No 194-195

Basis for Hashing Concept
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 5, page 87-89
“Computer Security” by Dieter Gollman, Chapter 11, Page No 192-194
http://technet.microsoft.com/en-us/library/cc962016.aspx

Message digest
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 5, page 90
“Cryptography and Network Security” by Atul Kahate, Chapter 4, Page No 167-196

Web Site –
http://www.cs.iit.edu/~cs549/lectures/CNS-5.pdf
http://www.cs.uiuc.edu/class/fa07/cs498mmp/slides/TFC-F07-Lect15.pdf
https://www.entrust.com/wp-content/uploads/2013/05/cryptointro.pdf
http://technet.microsoft.com/en-us/library/cc962033.aspx

Topic 4

Name: Computer Security Technology and Intrusion Detection

Knowledge Category

Example/s of category

Teaching methodology

FACT

Attack

Use appropriate example to show how an attacker attacks computer security, e.g. an attack on a particular personal computer to obtain a bank account number.

Show that an attacker tries to enter from a weak entry point or bypass the security level, e.g. illegally accessing a particular bank account to transfer money

Intrusion

E.g. a thief tries to enter through a window or door

Standard Protocols

CONCEPT

Firewall

Virtual Private Network

Kerberos

Use appropriate example, e.g. file transfer – FTP

Use appropriate example to show firewall mechanism, e.g. compound wall for building, barrier on road sides. Restricted access to particular website in college

Use appropriate example of private communication over public network, e.g. walkie-talkie in Army for communicating between soldiers.

Use appropriate ppt to show

Lecture no

1

Topic/ Subtopic to be covered



Introduction to Firewall
“Computer Security” by Dieter Gollman Chapter 13, Page No 247
“Cryptography and Network Security” by Atul Kahate Chapter 13, Page No: 435-436

Definition of Firewall
“Computer Security” by Dieter Gollman Chapter 13, Page No 247

Need for Firewall in Computer security and network
“Cryptography and Network Security” by Atul Kahate Chapter 13, Page No: 436

Characteristics of Good Firewall
“Cryptography and Network Security” by Atul Kahate Chapter 13, Page No: 437

Types of Firewall and Firewall policies
“Cryptography and Network Security” by Atul Kahate Chapter 13, Page No: 437
“Computer Security” by Dieter Gollman Chapter 13, Page No 248, 249

Limitation and problem in Firewall
“Computer Security” by Dieter Gollman Chapter 13, Page No 250
“Cryptography and Network Security” by Atul Kahate Chapter 13, Page No: 452

Website –
http://www.dis.uniroma1.it/~alberto/didattica/cns-slides/firewalls.pdf
http://www.cs.iit.edu/~cs549/slides/chapter-14.pdf

PPT – www.cs.kau.se/cs/education/courses/dvgc03/p4/Firewalls.ppt

2



Working of packet filtering in firewall
“Computer Security” by Dieter Gollman Chapter 13, Page No 248
“Cryptography and Network Security” by Atul Kahate Chapter 13, Page No: 438

Working of Application gateway
“Computer Security” by Dieter Gollman Chapter 13, Page No 249
“Cryptography and Network Security” by Atul Kahate Chapter 13, Page No: 441

Working of Circuit level gateways
“Computer Security” by Dieter Gollman Chapter 13, Page No 249
“Cryptography and Network Security” by Atul Kahate Chapter 13, Page No: 442

Implementation of Firewall and Firewall configuration
“Cryptography and Network Security” by Atul Kahate Chapter 13, Page No: 448-451

Website: http://www.interpole.net/interpole/products/firewall/interwall/details

3

Introduction to VPN
“Cryptography and Network Security” by Atul Kahate Chapter 13, Page No: 469
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Page No 283

VPN Architecture
“Cryptography and Network Security” by Atul Kahate Chapter 13, Page No: 470-472

Types of VPN
“Cryptography and Network Security” by Atul Kahate Chapter 13, Page No: 472

Website – http://ptgmedia.pearsoncmg.com/images/1587051796/samplechapter/1587051796content.pdf

PPT – www.csun.edu/~vcact00f/311/termProjects/.../VPNpresentation.ppt

4



Introduction to Kerberos
“Computer Security” by Dieter Gollman Chapter 12, Page No 219-221

Relation of Kerberos with Authentication
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 11, Page No 263-264

5



How does Kerberos work
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 11, Page No 263-264
“Cryptography and Network Security” by Atul Kahate, Chapter 7, Page No 372-377
“Cryptography and Network Security” by William Stallings, Chapter 14, Page No 412-413

Website:
http://cs.brown.edu/cgc/net.secbook/se01/handouts/Ch09-Kerberos.pdf
http://www.cs.kent.edu/~farrell/grid06/lectures/KERBEROS.pdf
http://technet.microsoft.com/en-us/library/cc780469(v=ws.10).aspx
https://www.google.co.in/search?q=kerberos+authentication&espv=2&source=lnms&tbm=isch&sa=X&ei=BOimU6HJCNCQuASPr4C4BQ&ved=0CAYQ_AUoAQ&biw=1024&bih=634#facrc=_&imgdii=_&imgrc=IuJfsiiiaao9WM%253A%3BRh0gI3z74Tb68M%3Bhttp%253A%252F%252Fwww.zeroshell.org%252Fkerberos%252Fimage%252Fkrbmsg.gif%3Bhttp%253A%252F%252Fwww.zeroshell.org%252Fkerberos%252FKerberos-operation%252F%3B638%3B532

6



State different types of Security topology
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 9, Page No 206-207

What are Security Zones
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 9, Page No 218-221

How the DMZ works
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 9, Page No 219
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page no 451-452

Working of VLAN
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 9, Page No 222

Website –
https://www.google.co.in/search?q=Security+zone&espv=2&source=lnms&tbm=isch&sa=X&ei=oeimU6vMMdeeugTzloJA&ved=0CAYQ_AUoAQ&biw=1024&bih=634#facrc=_&imgdii=_&imgrc=mJa95BMkxqnx_M%253A%3BI06ak8wtCiM2M%3Bhttp%253A%252F%252Fi.msdn.microsoft.com%252Fdynimg%252FIC11169.gif%3Bhttp%253A%252F%252Fmsdn.microsoft.com%252Fenus%252Flibrary%252Fcc507438(v%253Dvs.85).aspx%3B451%3B399
http://www.cse.wustl.edu/~jain/cis788-97/ftp/virtual_lans/

PPT - www.cc.gatech.edu/classes/AY2014/cs4270.../4270-vlan-tutorial.ppt

7



What are Intruders? State their three types
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 472-473
“Computer Security” by Dieter Gollman, Chapter 13, Page No 251

Basics of Intrusion Detection System
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 473-474
“Computer Security” by Dieter Gollman, Chapter 13, Page No 252

Types of IDS
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 474-475
“Computer Security” by Dieter Gollman, Chapter 13, Page No 253

Three Logical Components of IDS
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 13, Page No 321

Honey pots
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 475
“Computer Security” by Dieter Gollman, Chapter 13, Page No 254

Websites – http://www.ee.tamu.edu/~reddy/ee689_04/pres_sumitha_james.pdf

PPT - www.cs.utexas.edu/users/ygz/395T-01F/reading/arun.ppt

8

What is Host based IDS? Show its Components
“Computer Security” by Dieter Gollman, Chapter 13, Page No. 253
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 13, Page No 323
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 474-475

What is Network Based IDS? Show its Components
“Computer Security” by Dieter Gollman, Chapter 13, Page No. 253
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 13, Page No 323
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 475

State Advantage of NIDS and Disadvantage of NIDS
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 13, Page No -32

PPT - www.cs.northwestern.edu/~ychen/classes/msit458-f11/ids.ppt

9

Why Email security standard is required?
“Cryptography and Network Security” by Atul Kahate, Chapter 6, Page No 307-308

Working Principle of SMTP along with its diagram
“Cryptography and Network Security” by Atul Kahate, Chapter 6, Page No 308-310

What is PEM?
“Cryptography and Network Security” by Atul Kahate, Chapter 6, Page No 310-311

State Four Operations in PEM
“Cryptography and Network Security” by Atul Kahate, Chapter 6, Page No 311-312

Describe each Step in PEM Operation in detail
“Cryptography and Network Security” by Atul Kahate, Chapter 6, Page No 311-314

Website: http://www.hydtechwriter.com/what-is-simple-mail-transfer-protocol-smtp/

PPT - www.cs.huji.ac.il/~sans/students_lectures/PEM.ppt

10

Describe PGP
“Cryptography and Network Security” by Atul Kahate, Chapter 6 Internet Security Protocol, Page No 314-315
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 16, Page No 433

How PGP Works
“Cryptography and Network Security” by Atul Kahate, Chapter 6 Internet Security Protocol, Page No 314-315
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 16, Page No 433

State step wise Operation in PGP
“Cryptography and Network Security” by Atul Kahate, Chapter 6 Internet Security Protocol, Page No 315-316

What is S/MIME? Describe working principle of S/MIME
“Cryptography and Network Security” by Atul Kahate, Chapter 6 Internet Security Protocol, Page No 322-326

11



Introduction of IP Security
“Cryptography and Network Security” by Atul Kahate, Chapter 9, Page No 452-453
“Computer Security” by Dieter Gollman, Chapter 13, Page No 239

Overview of IPSec along with its Application and advantage
“Cryptography and Network Security” by Atul Kahate, Chapter 9, Page No 454-455
“Cryptography and Network Security” by William Stallings, Chapter 16, Page No 485-486

2 types of IPSec Protocol
“Cryptography and Network Security” by Atul Kahate, Chapter 9, Page No 455-457
“Cryptography and Network Security” by William Stallings, Chapter 16, Page No 486-487

Draw the format of AH Header in IPSec
“Cryptography and Network Security” by Atul Kahate, Chapter 9, Page No 459-463
“Computer Security” by Dieter Gollman, Chapter 13, Page No 239
“Cryptography and Network Security” by William Stallings, Chapter 16, Page No 494-496

Draw the format of ESP in IPSec
“Cryptography and Network Security” by Atul Kahate, Chapter 9, Page No 464-465
“Computer Security” by Dieter Gollman, Chapter 13, Page No 239
“Cryptography and Network Security” by William Stallings, Chapter 16, Page No 498-500

Website:
http://securityweekly.com/presentations/IPSEC.pdf
http://technet.microsoft.com/en-us/library/cc776369(v=ws.10).aspx
https://sc1.checkpoint.com/documents/R76/CP_R76_VPN_AdminGuide/13847.htm
http://www.isaserver.org/articles-tutorials/articles/IPSec_Passthrough.html

12



What is Security Association
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 11, Page No: 284-285

What is IPSec Configuration
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 11, Page no 285-286

Describe the Transport and Tunnel Modes of AH Header in IPSec
“Cryptography and Network Security” by Atul Kahate, Chapter 9, Page No 463

Describe the Transport and Tunnel Modes of ESP in IPSec
“Cryptography and Network Security” by Atul Kahate, Chapter 9, Page No 464-466

Website:
http://www.isaserver.org/articles-tutorials/articles/IPSec_Passthrough.html
http://www.deepsh.it/networking/IPSec.html
https://techlib.barracuda.com/display/bngv52/how+to+create+an+ipsec+vpn+tunnel+between+the+barracuda+ng+firewall+and+a+pfsense+firewall
http://flylib.com/books/en/3.190.1.135/1/
https://training.apnic.net/docs/eSEC03_IPSec_Basics.pdf

PPT - www.cs.northwestern.edu/~ychen/classes/mitp-458/ipsec.pp

Topic 5

Name: IT Act and Cyber Law

Knowledge Category

Example/s of category

Teaching methodology

FACT

File

Use appropriate example of any Software File like DOC, PPT or EXE file

Act

Use appropriate example of any Government Ragging Act 2009 or any related IT Act or IPC Act, Copyright Act

Crime

Use appropriate example of Crime For example – Internet Fraud, any Criminal Activity or Hacking Computer System

Law

CONCEPT

Cyber Crime Hacking & Cracking

Piracy

Investigation

Use appropriate example of Indian Government Law like Murder Law etc

Use any appropriate PPT

Use any appropriate example of Hacking like Facebook hacking etc.

Use any appropriate example like Software Piracy, CD Piracy etc

Use any appropriate

Lecture No.

1

Topic/ Subtopic to be covered

        PPTs    

What is Data Recovery
What is Computer File - Reasons of Data loss
Procedure to recover Deleted file from FAT & NTFS Partition
What is Partitioning in Computer System – Types of Partitions
Reasons of Partition damage
Formatted Partition Recovery Procedure (FAT / NTFS)
Data Recovery Categories & different Tools available
Procedure of Data Recovery & Ethics

http://www.aboutpartition.com/types-of-hard-drive-partitions/
http://www.recuperationdedonneesperdues.com/data-recovery
http://www.robertuniverse.com/introduction-to-data-recovery/
http://psonlinehelp.equallogic.com/V4.2/Content/AdminNewBook/AdminNew_recover.htm
http://transparen.com/data-protection-group/data-recovery-ethics

2

• What is Cyber Crime
  “Information Security and Cyber Laws” by Saurabh Sharma, Chapter 8, Page no 181
• Different Types of Cyber Crime
  “Information Security and Cyber Laws” by Saurabh Sharma, Chapter 8, Page no 182
• What is Hacking & Cracking – Types of Hackers
• Virus & its attacks
• Define terms – Pornography, Software Piracy
  “Information Security and Cyber Laws” by Saurabh Sharma, Chapter 7, Page no 174

PPTs –
• http://www.slideshare.net/aemankhan/cybercrimeppt-27376284
• https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=7&cad=rja&uact=8&sqi=2&ved=0CEIQFjAG&url=http%3A%2F%2Fwww.cyberseminar.cdit.org%2Fpdf%2F09_02_09%2Floknath.ppt&ei=kceiU_aJ9OHuATko4BA&usg=AFQjCNGmpx90JfvtJWuJde2U7XfLaVF7Zg&bvm=bv.69411363,d.c2E

3

4

• Intellectual Property – Copyright & Industrial Property
  “Information Security and Cyber Laws” by Saurabh Sharma, Chapter 7, Page no 166
  http://www.wipo.int/export/sites/www/freepublications/en/intproperty/450/wipo_pub_450.pd
• Which are different types of legal Systems & its laws
• Define term – Mail Bombs, Bug Exploits
• Cyber Crime Investigation – its procedure

PPTs –
• http://www.slideshare.net/mahmoodttc/intellectual-property-ppt-final
• http://www.slideshare.net/tabrezahmad/cybercrime-investigation
• http://www.scribd.com/doc/94789254/Ppt-on-Investigation-Method-ofCyber-Crime

• Need of Cyber Law & What is Cyber Law
  “Information Security and Cyber Laws” by Saurabh Sharma, Chapter 8, Page no 184 & 187
• IT Act 2000 - Objectives, Scope, Provisions, Advantages & disadvantages
  “Information Security and Cyber Laws” by Saurabh Sharma, Chapter 8, Page no 185
• IT Act 2008 – Modification in IT Act 2000, Characteristics

PPTs
• http://www.slideshare.net/YogendraWagh/it-act-ppt-1111
• http://www.powershow.com/view1/268863ZDc1Z/Information_Technology_Act_2000_v_s_2008_powerpoint_ppt_presentation
• http://www.slideshare.net/Arnab_Roy_Chowdhury/cyber-law-15036761

Topic 6

Name: Application and Web Security

Knowledge Category

Example/s of category

Teaching methodology

FACT

Standard Protocols SSL, TLS

Demonstrate with suitable Chart

Web security threats

CONCEPT

Hotfix Patch Upgrades

Small section of code designed to fix problems. Ex: Any work done on Windows 2000 is targeted at the next service pack, and hotfixes are built against the existing available base.

Lecture No.

1

Topic/ Subtopic to be covered

• What is application hardening?
• What are Patches?
• What is Web security?
  “Principles of Computer Security CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 14, Pg. nos 373 to 378

2

• How web server works?
• What is Active Directory?
• Web security threats
• Web security approaches

3



• Working of SSL, TLS
  i. "Cryptography & Security" by C.K. Shyamala, N. Harini, Dr T R Padmanabhan, Chapter-11, Pg. nos 358 to 391
  ii. "Cryptography & Network Security" by Atul Kahate, Chapter-6, Pg. nos 218 to 231

PPT
• www.smsvaranasi.com/KMC/kmc_ppt/islc/SET.ppt

4

• Working of SET
  i. "Cryptography & Security" by C.K. Shyamala, N. Harini, Dr T R Padmanabhan, Chapter-11, Pg. nos 391 to 415
  ii. "Cryptography & Network Security" by Atul Kahate, Chapter-6, "Internet Security Protocols", Pg. nos 231 to 251

PPT
• euclid.barry.edu/~zuniga/courses/cs477/SET.ppt

Information Security Topic 1

Name: Introduction security & Model

Knowledge Category

Example/s of category

FACT

Security

CONCEPT

PRINCIPLE

Teaching methodology

Use appropriate example of security – security guards outside office
Ex: Students' data, that is, data details through which you can easily find out any student.
Three pillars of information security: Confidentiality, Integrity, Availability
Use any appropriate PPT and example – email
Information security CIA principles

Learning Resources:

Books:
• “Principles of Information Security” by Whitman, Publisher - Cengage India
• “Information System Security” by Godbole Nina, Publisher - John Wiley
• “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Publisher – Pearson
• “Information Security & Cyber Laws” by Saurabh Sharma, Publisher - Vikas Publishing House

Teaching Aids: Black board, Chalk, Transparencies, Power point presentation slides (PPTs), Reference books, notes, LCD projector/OHP Projector

PPTs - PPT with Sample: Preferably prepare PPTs containing (Keyword in Google search: “ppt for event classification in information security”, select “2nd Link”)
• www.oic-ci.gc.ca/eng/DownloadHandler.ashx?...security.ppt

Websites https://www.cs.duke.edu/courses/summer04/cps001/.../Lecture15.ppt

Lecture No.

Topic/ Subtopic to be covered

1

2

• Define Security – Example of Security Guard
• Define Information – Example like Student / Employee Data
• What is the need of information? – Area where information is used
• Why information is important? – What are the advantages of information in day to day life
  “Principles of Information Security” by Nina Godbole, Chapter 5
  Note – Summarize the key points & definitions of Topic
• Example of application where information is important
• Example: Governments, commercial businesses, and individuals are all storing information electronically - compact, instantaneous transfer, easy access
• Ability to use information more efficiently has resulted in a rapid increase in the value of information
• Define Information Security
  “Principles of Information Security” by Nina Godbole, Chapter 1, Page No 1 to 5

PPT 3

4

5

6

7

8

iii. https://www.cs.duke.edu/courses/summer04/cps001/.../Lecture15.ppt

• How information is classified?
• Which criteria are required for classification of Information – List various criteria
  “Principles of Information Security” by Nina Godbole, Chapter 5, Page No 76 to 80
• What is the need of security
• Why information security is important?
  “Principles of Information Security” by Nina Godbole, Chapter 1, Page No 2, 3
• Basic principles of information security – Show Pyramidal Model of CIA
• Confidentiality - Authorized user should be able to access information
• Integrity - Authorized user should be able to modify information
• Availability - whether authorized users or host should be available

• Which are pillars of Information security?
• Demonstrate with diagram
  “Principles of Information Security” by Nina Godbole, Chapter 5, Page No 73 to 75
• What is data obfuscation? Example for data obfuscation
  “Principles of Information Security” by Nina Godbole, Chapter 5, Page No 81, 82
• Event classification
  “Principles of Information Security” by Nina Godbole, Chapter 5, Page No 83 to 85

PPT iv. www.oic-ci.gc.ca/eng/DownloadHandler.ashx?...security.ppt

Topic 2

Name: Information Security Architecture and Model

Knowledge Category

Example/s of category

Teaching methodology

FACT

Information

Use example like Data

Security

CONCEPT

Management

Use appropriate example of Management – College management system etc.

Standards

Use appropriate examples like ISO standard

Guidelines

Policy

PROCEDURE

Use appropriate examples like Guidelines of writing paper, experiments etc.
Use appropriate examples like Password Selection Policy

Confidentiality Model

Use appropriate examples like belief in relationship

Integrity Model

Use appropriate PPTs & examples

Trust PRINCIPLE

Use appropriate example of security – security guards

Evaluation Criteria – TCSEC

Use appropriate PPTs & examples, Department of Defense (India/U.S.)

Learning Resources:

Books:
• “Information System Security” by Godbole Nina, Publisher - John Wiley
• “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Publisher – Pearson

Teaching Aids: Black board, Chalk, Transparencies, Power point presentation slides (PPTs), Reference books, notes, LCD projector/OHP Projector

Lecture No.

Topic/ Subtopic to be covered

1

• What is Information Security, Why Information Security (Revision)
• Definition of Risk Management
  o Use suitable example like organization, College etc.
• Components of Risk Management
  o Diagram of Components & explain each component

Web Site –
• http://demop.com/articles/what-is-information-security.pdf
• http://www.investopedia.com/terms/r/riskmanagement.asp
• http://www.whatisriskmanagement.net/
• https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0CBsQFjAA&url=http%3A%2F%2Fwww.specialolympics.bc.ca%2Fsites%2Fdefault%2Ffiles%2FSanctioning%2520%2520Risk%2520Management.doc&ei=MFOlU4WRO9CVuATUtoDoCw&usg=AFQjCNF6CfirRE9Si7HfgGcz0KoL2HLzuA&bvm=bv.69411363,d.c2E

PPTs –
• https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=8&cad=rja&uact=8&sqi=2&ved=0CDoQFjAH&url=http%3A%2F%2Fwww.just.edu.jo%2F~tawalbeh%2Faabfs%2Fiss6753%2Fpresentations%2FRMP.ppt&ei=ZlOlU8SkE9CKuATpzYDoCg&usg=AFQjCNHFQFBF90DQB0kiin7eEJr1zoDvHA&bvm=bv.69411363,d.c2E

• How to Identify Risk
• Calculation of Risk – Show formula for calculation of Risk
• Quantitative & Qualitative Risk Analysis – Give comparison with example
  “Information System Security” by Nina Godbole, Chapter No 6, Page no 92, 93
  “Computer Security” by Dieter Gollman, Chapter 2, Page No 26
• “Information System Security” by Nina Godbole
• What is Security Policy – Types of Policies
  “Information System Security” by Nina Godbole, Chapter No 4, Page no 57, 58
• What is Guidelines & Standards –
  o Give example like Guidelines for Online exam etc.
  o Give example like ISO etc.
  “Information System Security” by Nina Godbole, Chapter No 4, Page no 61

Web Site –
• http://www.pearsonitcertification.com/articles/article.aspx?p=418007&seqNum=5

2

3

4

5

• Trusted Computing Base (TCB) - Definition, Features & Elements
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 118
• What is Ring of Trust – Use diagram
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 119
• Ring of Trust for Stand-alone systems & for Network environment
  o Use diagram
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 120, 121

Web Site –
• http://searchsecurity.techtarget.com/definition/trusted-computing-base
• http://link.springer.com/chapter/10.1007/978-3-642-04831-9_10#page-1

PPTs –
• https://wiki.engr.illinois.edu/download/attachments/183272958/trustelements-and-examples.pdf?version=1&modificationDate=1318426648000

• What are Protection mechanisms
  o Use example like Antivirus, CCTV cameras etc.
• Different Protection Mechanisms in TCB – Prepare Chart
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 121 to 123
• Process Isolation
• Principles of least privilege
• Hardware Segmentation
• Layering
• Abstraction
• Data Hiding



6

7

Information Storage – Prepare the Chart & display
• Primary & Secondary Storage
• Real & Virtual Memory
• Random Memory
• Sequential Storage
• Volatile Memory
• Closed & Open System
• Multitasking, Multiprogramming & Multiprocessing System
• Finite State Machine

Web Site –
• http://www.cl.cam.ac.uk/~rja14/policy11/node22.html#SECTION00049000000000000000

PPTs
• https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=7&cad=rja&uact=8&ved=0CEAQFjAG&url=http%3A%2F%2Fwww.aast.edu%2Fpheed%2Fstaffadminview%2Fpdf_retreive.php%3Furl%3D373_23865_CR415_2011_1__1_1_merkow_ppt_05.ppt%26stafftype%3Dstaffcourses&ei=gFilU6PwJtiXuAT99oLQCQ&usg=AFQjCNGWq3ilHnruRPVVKLYpuqxTUWGRA&bvm=bv.69411363,d.c2E

• System Security Assurance Concepts
  ii. Functional & Assurance Requirement
  iii. Goals of Security Testing
  iv. Formal Security Testing Models
  “Principles of Information Security” by Nina Godbole, Chapter 5, Page No 83 to 85

8

• What is Trusted Computer Security Evaluation Criteria (TCSEC)
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 125
• Purpose of TCSEC
• Classes of Divisions of TCSEC
• Prepare Chart for use of Divisions and Classes
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 126, 127
  c) Division D
  d) Division C – Class C1 & Class C2

9

  e) Division B – Class B1, Class B2, Class B3
  f) Division A – Class A1
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 127, 128, 129

Web Site –
• http://www.cse.psu.edu/~tjaeger/cse443-s12/docs/ch12.pdf
• http://www.boran.com/security/tcsec.html

10

• What is Information Technology Security Evaluation Criteria (ITSEC)
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 129
• Comparison of ITSEC & TCSEC
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 130
• ITSEC Purposes & Assurance Classes – E0 to E6
  o Prepare chart for description of E0 to E6

Web Site –
• http://www.iwar.org.uk/comsec/resources/standards/itsec.htm
• http://www.newstaff.com/criteria/itsec/levels/index.html
• http://www.cse.dcu.ie/essiscope/sm2/beyond/itsec.html

11

• What is Confidentiality & Integrity Model – Different Models
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 141, 142
• Bell-LaPadula Model
• Biba Integrity Model
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5

12

Web Sites –
• http://www.digitalthreat.net/2010/05/information-security-models-forconfidentiality-and-integrity/

PPTs
• https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=8&cad=rja&uact=8&ved=0CEUQFjAH&url=http%3A%2F%2Fwww.cs.gsu.edu%2F~cscyqz%2Fcourses%2Faos%2Fslides09%2Fch8.3-Fall09XiaoChen.ppt&ei=01ylU80n1J66BM6TgLgD&usg=AFQjCNF75f57UF6r4dCxBVAEZVSPZEJHzw&bvm=bv.69411363,d.c2E
• https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=10&cad=rja&uact=8&ved=0CFEQFjAJ&url=http%3A%2F%2Fwww.etcs.ipfw.edu%2F~steffen%2FITT%2FOld-PP%2FChapter%25205Network%2520SecurityITT.ppt&ei=01ylU80n1J66BM6TgLgD&usg=AFQjCNFsMY6g2X8tr2dPvomZbaIldMrVvg&bvm=bv.69411363,d.c2E

• Advanced Models - Definition and Use
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter No 5, Page No 142
  vi. Clark & Wilson Model
  vii. Noninterference Model
  viii. State Machine Model
  ix. Access Matrix Model
  x. Information Flow Model

Web Sites –
• http://www.commondork.com/2010/05/16/bell-la-padula-biba-andclark-wilson-security-models/
• http://crypto.stanford.edu/~ninghui/courses/Fall03/papers/landwehr_survey.pdf

Topic 3

Name: Cryptography

Knowledge Category

Example/s of category

Teaching methodology

FACT

Plaintext

Use example of Plaintext–Human language understandable by Sender and receiver.

Key (message:“welcome to third year diploma”) Cipher Text

Show any message is Codified by replacing or reposting. KEY is “3” Alphabet A Codified by key “3” to Alphabet “C” Show example of codified message like MOUSE is code to “UEMOS”

CONCEPT

Cryptography, Cryptanalysis

Use appropriate example to show the converting of plaintext to cipher text and vice-versa – “In war times message is cryptograph and sent in order to protect from enemy.”

Encryption

Decryption

Private Key

Public Key

Show example of encoding plaintext to Cipher text: E.g. “Computer” to “retupmoc”
Show example of decoding Cipher text to Plaintext: E.g. “retupmoc” to “Computer”
Show example of key which needs to be kept secret:

Lecture No.

Topic/ Subtopic to be covered

1

• Introduction to Data Encryption Technique
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 2, Page No 11
• What is Cryptography? – Draw diagram
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 2, Page No 13-14
• What is Cryptanalysis?
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 2, Page No 14-15
• Application of Cryptography
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 2, Page No 14-15

Website
• http://en.wikipedia.org/wiki/Cryptography
• http://www.apprendre-en-ligne.net/crypto/bibliotheque/PDF/Kwang.pdf
• http://cs.stanford.edu/people/eroberts/cs181/projects/dvd-css/cryptography.htm



2

• Classical Encryption Technique used by Sender and Recipient
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 2, Page No 11
• State 2 types of Encryption Methods?
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 2, Page No 12
iii. Give various components of Symmetric Encryption and Decryption Process – Use Diagram
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 2, Page No 12-13

Website:  http://www.apprendre-en-ligne.net/crypto/bibliotheque/PDF/Kwang.pdf

PPT – 1.

https://www.cs.purdue.edu/homes/ninghui/.../526_Fall12_topic02.ppt

3

iv. Define Substitution Cipher
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 2, Page No 15
v. Working principle of Caesar cipher
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 2, Page No 15-16
  Ex: message “MOUSE”, coded message: UEMOS
vi. State advantages and disadvantages of Caesar Cipher
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 2, Page No 16
vii. Working principle of Monoalphabetic cipher
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 2, Page No 16-17

Website  http://www.math.uic.edu/CryptoClubProject/CCpacket.pdf

PPT – 

https://www.cs.usfca.edu/~brooks/S03classes/cs486/lectures/lecture-3.ppt

4

1. Working principle of Playfair cipher – Show example
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 2, Page No 17-19
2. Hill cipher – Show example
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 2, Page No 19-21

Website
• http://www.ling.ohio-state.edu/~cbrew/2008/spring/playfair.pdf

PPT
• https://www.uop.edu.jo/material/1843212812010.ppt

5

a) Define Transposition cipher. State its 2 types
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 2, Page No 26-27
b) How Row transposition cipher works – Use example
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 2, Page No 26-27

Website
• http://courses.cs.tamu.edu/pooch/665_spring2008/Australian-sec-2006/less05.html

6

a) Working principle of One Time Pad – Give example & solve it
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 2, Page No 24

PPT

https://www.cs.usfca.edu/~brooks/S03classes/cs486/lectures/lecture-3.ppt

7

b) What is Steganography? – Flow diagram
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 2, Page No 28
• Uses of Steganography
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 2, Page No 28
• Steganography and security
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 2, Page No 28

Website
• http://arxiv.org/ftp/arxiv/papers/0912/0912.2319.pdf

8

• Introduction to Digital Signatures
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 10, Page No 204
• Implementation of Digital Signature
  o Use Flow diagram for explanation
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 10, Page No 206
• Association of Digital signature and Encryption
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 10, Page No 206

Website
• http://www.youdzone.com/signature.html
• http://www.infosec.gov.hk/english/itpro/public_main.html

9



What are Digital Signature Algorithm “Cryptography and Information Security” by V.K.Pachghare Chapter 10 page no 208



Working Principle of Various Digital Signature Algorithm “Cryptography and Information Security” by V.K.Pachghare Chapter 10 page no 209-212

Website
a) http://www.cs.haifa.ac.il/~orrd/IntroToCrypto/online/fips_186-3.pdf

10



Authentication Protocols – List different Protocols “Cryptography and Information Security” by V.K.Pachghare Chapter 10 page no 214

11



What is Digital Signature Standards “Cryptography and Information Security” by V.K.Pachghare Chapter 10 page no 213

Website
• http://www.cs.haifa.ac.il/~orrd/IntroToCrypto/online/fips_186-3.pdf
• http://courses.cs.tamu.edu/pooch/665_spring2008/Australian-sec-2006/less19.html

12

• Give Application of Digital Signature Standards
  “Cryptography and Information Security” by V.K. Pachghare, Chapter 10, Page No 213-214

Website
• http://www.cs.haifa.ac.il/~orrd/IntroToCrypto/online/fips_186-3.pdf

Topic 4

Name: Data Recovery and Cyber Security

Knowledge Category

Example/s of category

Teaching methodology

FACT

File

Use appropriate example of any Software File like DOC, PPT or EXE file

Act

Use appropriate example of any Government Ragging Act 2009 or any related IT Act or IPC Act, Copyright Act

Crime

Use appropriate example of Crime For example – Internet Fraud, any Criminal Activity or Hacking Computer System

Law

CONCEPT

Cyber Crime Hacking & Cracking

Piracy

Investigation

PROCEDURE

Use any appropriate example of Hacking like Facebook hacking etc.
Use any appropriate example like Software Piracy, CD Piracy etc.
Use any appropriate example of investigation bureau

Cyber Law

Use any appropriate PPT or example like IT Act 1961 etc.
Use any appropriate PPT

IT Act 2000, 2008

Use any appropriate PPT

Data Recovery Tools

Use any appropriate freely available tool like -

IT Act

PRINCIPLE

Use appropriate example of Indian Government Law like Murder Law etc.
Use any appropriate PPT

Lecture No. 1

Topic/ Subtopic to be covered

• What is Data Recovery
• What is Computer File - Reasons for data loss
• Procedure to recover deleted file from FAT & NTFS partition
• What is Partitioning in Computer System – Types of Partitions
• Reasons of partition damage
  o List out the reasons
• Formatted Partition Recovery Procedure (FAT / NTFS)

PPTs
• http://www.aboutpartition.com/types-of-hard-drive-partitions/
• http://www.recuperationdedonneesperdues.com/data-recovery
• http://www.robertuniverse.com/introduction-to-data-recovery/
• http://psonlinehelp.equallogic.com/V4.2/Content/AdminNewBook/AdminNew_recover.htm

2

• Data Recovery Categories
• Different Tools available for Windows etc. – List of various freely available tools on Internet
• Procedure of Data Recovery – Give step wise example
• Data Recovery Ethics

Website
a) http://pcsupport.about.com/od/filerecovery/tp/free-file-recoveryprograms.htm
b) http://transparen.com/data-protection-group/data-recovery-ethics

3

• What is Cyber Crime
  “Information Security and Cyber Laws” by Saurabh Sharma, Chapter 8, Page no 181
• Different Types of Cyber Crime
  o Use tree diagram for Types of Cyber Crime
  “Information Security and Cyber Laws” by Saurabh Sharma, Chapter 8, Page no 182

PPTs –
• http://www.slideshare.net/aemankhan/cybercrimeppt-27376284
• https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=7&cad=rja&uact=8&sqi=2&ved=0CEIQFjAG&url=http%3A%2F%2Fwww.cyberseminar.cdit.org%2Fpdf%2F09_02_09%2Floknath.ppt&ei=kceiU_aJ9OHuATko4BA&usg=AFQjCNGmpx90JfvtJWuJde2U7XfLaVF7Zg&bvm=bv.69411363,d.c2E

4

• What is Hacking & Cracking – Types of Hackers
• Virus & its attacks – List types of attacks like DoS, DDoS…
• Define terms – Pornography, Software Piracy
  o Use example like CD Piracy etc.
  “Information Security and Cyber Laws” by Saurabh Sharma, Chapter 7, Page no 174

Website –
a) http://www.legalservicesindia.com/articles/cyhac.htm
b) http://evestigate.com/cyber-crime-hacker-terms-to-know/

5

• What is Intellectual Property
  • Copyright
  • Patents
  • Industrial Design Rights
  • Trademark – Use example like logo of MSBTE etc.
• What is Industrial Property
  “Information Security and Cyber Laws” by Saurabh Sharma, Chapter 7, Page no 166
• Define term – Mail Bombs, Bug Exploits

Website –
a) http://www.wipo.int/export/sites/www/freepublications/en/intproperty/450/wipo_pub_450.pdf

6

7

PPTs –
• http://www.slideshare.net/mahmoodttc/intellectual-property-ppt-final

• Which are different types of legal Systems & its laws
• Cyber Crime Investigation – its procedure

Website
• http://www.slideshare.net/tabrezahmad/cybercrime-investigation
• http://www.scribd.com/doc/94789254/Ppt-on-Investigation-Method-ofCyber-Crime

• Need of Cyber Law
  “Cyber Crimes and related Laws” by Saurabh Sharma, Chapter 8, Page no 184 & 187
• What is Cyber Laws – Definition of Cyber Law
  “Cyber Crimes and related Laws” by Saurabh Sharma, Chapter 8, Page no 184

PPTs
• http://www.slideshare.net/Arnab_Roy_Chowdhury/cyber-law-15036761

8

• IT Act 2000 - Objectives, Scope, Provisions, Advantages & disadvantages
  “Information Security and Cyber Laws” by Saurabh Sharma, Chapter 8, Page no 185
  o List out the Chapters
• IT Act 2008 – Modification in IT Act 2000, Characteristics
  o List out the Chapters

PPT –
• http://www.slideshare.net/YogendraWagh/it-act-ppt-1111
• http://www.powershow.com/view1/268863ZDc1Z/Information_Technology_Act_2000_v_s_2008_powerpoint_ppt_presentation

Topic 5

Name: Access, Physical Control and Compliance Standards

Knowledge Category

Example/s of category

FACT

Identification

CONCEPT

Use any physical mark of identification, for example green eye color.
Biometrics: Use appropriate example of Biometrics – thumb impression used in attendance system of college.
Physical access control: Use example of Door Security system or Digital Locker – thumb impression is used to open lock etc.
Compliance Standards: Acting according to certain accepted standard, e.g. ISO standard.
Authorization

Authentication

Framework

PRINCIPLE

Teaching methodology

Kerberos Model

Specifying access rights to particular resources. E.g.: human resources staff are normally authorized to access employee records. These rights are formalized as access control rules in a computer system.
Accepting proof of identity given by a credible person, with examples like College ID card or Employee ID, Passport.
Structure of Computer System. Use example of software frameworks, which include support programs, compilers, code libraries, tool sets, and APIs.
Use appropriate PPTs &

Lecture No.

Topic/ Subtopic to be covered

1

• What is Identification? – Use example like Photo ID card
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 10, Page No 234
• Define Authorization? State its features
  “Principles of Information Security” by Michael E. Whitman, Herbert J. Mattord, Chapter 6, Page no 249
• What is Authentication?
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 10, Page No 234
• State features of Biometrics? – Use example like Thumb Reader etc.
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 10, Page No 241
• Give various elements involved in Biometrics System – Show diagram
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 10, Page No 241
• How Single Sign-on works? – Use diagram
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 10, Page No 242

Website –
• http://www.cyberciti.biz/faq/authentication-vs-authorization/
• http://www.cse.iitk.ac.in/users/biometrics/pages/what_is_biom_more.h
• http://www.biometrics.gov/

PPT –
• www.cse.fau.edu/~security/public/BiometricsPresentation.ppt
• https://www.owasp.org/.../OWASPSanAntonio_2006_08_SingleSignOn.

2

• Describe Kerberos Model?
  o Use various servers used in Kerberos
  o Draw diagram
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 10, Page No 243
• Show relation of Kerberos with Authentication
  Ex: Student is allowed to enter the Library hall by checking College ID and entering name in Register, verified by Librarian, or any other suitable examples
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 10, Page No 243
• How Remote Access works?
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 10, Page No 247
• Remote user access and Authentication
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 10, Page No 247

Website:
a) http://technet.microsoft.com/en-us/library/cc780469(v=ws.10).aspx
b) http://www.google.co.in/imgres?imgurl=&imgrefurl=http%3A%2F%2Fwww.codeproject.com%2FArticles%2F27554%2FAuthentication-in-web-services-using-C-andKerbero&h=0&w=0&tbnid=qv2CJmNFmv7QYM&zoom=1&tbnh=186&tbnw=270&docid=IGaJwLDTXe1FmM&tbm=isch&ei=GeoU_3TCZKgugS8r4LwCQ&ved=0CAIQsCUoAA
c) https://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide/default.htm?turl=WordDocuments%2Fintroductiontokerberosauthentication.htm

PPT:
a) www.obscure.org/~jafitz/250_p1/Kerberos.ppt
b) www.isi.edu/~annc/classes/grid/lectures/sivaLecture.ppt

3

• What is Physical access control?
  Ex: Use example of Door Security system or Digital Locker – thumb impression is used to open lock etc.
  “Principles of Information Security” by Michael E. Whitman, Herbert J. Mattord, Chapter 9, Page no 400
a) What are the threats involved in Physical access
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 8, Page No 195
a) Need for Physical Security
  “Information System Security” by Nina Godbole, Chapter 7, Page No 101

Website –
• http://www.cdn.com/securitysystemPhysical.aspx

4

b) What is Physical Security – example like wall, security dogs, safety doors etc.
  “Information System Security” by Nina Godbole, Chapter 7, Page No 102
c) How to provide physical security
  “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt, Chapter 8, Page No 197, 198

Website –
• http://www.cdn.com/securitysystemPhysical.aspx

5

• Define Compliance in general terms
• What is Compliance Standard
• Implementing an Information Security Management System (ISMS)
  “Information System Security” by Nina Godbole, Chapter 4, Page No 64 and Chapter 23, Page No 424

Website:
• www.oxforddictionaries.com/definition/english/compliance
• http://www.immusec.com/en/implementation-information-securitymanagement-system
• https://www.aiche.org/ccps/topics/elements-process-safety/commitmentprocess-safety/compliance-standards/introduction

6

• ISO 27001
  “Information System Security” by Nina Godbole, Chapter 22, Page No 400
• ISO 20000
  “Information System Security” by Nina Godbole, Chapter 26, Page No 470
• BS25999
• PCI DSS
  “Information System Security” by Nina Godbole

Website
• www.iso.org/iso/home/standards/management-standards/iso27001.htm
• www.iso27001security.com
• http://www.standards.org/standards/listing/iso_20000
• https://www.pcisecuritystandards.org/security_standards/
• http://www.securityassessment.com/files/presentations/PCI_DSS_Presentation_0107.pdf
• https://www.set.or.th/.../BCM%20with%20PWC%2027%20April%20v3.

PPT
• www.ermantaskin.com/bcm/BS25999_ERMAN_TASKIN.ppt

7

• How ITIL frameworks help the IT organization?
  “Information System Security” by Nina Godbole, Chapter 26, Page No 470

Website
• http://www.itil-officialsite.com/AboutITIL/WhatisITIL.aspx
• http://www.best-management-practice.com/gempdf/itil_the_basics.pdf

PPT
a) https://www.ok.gov/OSF/documents/ITILOverview.ppt
b) www.chakarov.com/powerpoints/itilv3overview.ppt

8

• How COBIT framework works in IT organization
  “Information System Security” by Nina Godbole, Chapter 22, Page No 400 and Chapter 25, Page No 449

Website:
a) http://www.isaca.org/cobit/documents/cobit-5-introduction.pdf
b) http://www.counterpoint.co.za/pages/cobit.htm
c) http://www.isaca.org/COBIT/Documents/COBIT5-Ver2-FrameWork.pdf

PPT:
a) www.isaca.org/cobit/documents/cobit5-introduction.ppt
b) https://www.vpit.ualberta.ca/frameworks/ppt/cobit_introduction.pp
